Google Maps LBC: Claimed Business Listings Still Being Hijacked?

In June of last year, reports started flowing into Google support groups about hijackings of claimed listings. In December, I communicated to Google a method by which “blackhat” locksmiths were hijacking business records previously claimed via the Local Business Center and which Google had posited as secure. Towards the end of January, Google notified me that this particular vector had been closed and that I was free to talk about it.

It appears though, that claimed records are still able to be hijacked. It was recently reported in the Google Maps forum that a claimed listing has once again been hijacked.

I followed up with the poster. The above record, legitimately claimed in the client’s LBC, was compromised over this past weekend. In emails with other Locksmiths, it appears there are additional reports of hijackings of claimed listings as recently as the past 4 days.

It is unclear whether the same or different tactics are being used. It does seem quite certain that these supposedly secure records are being compromised.

In related news, “blackhat” locksmiths have been compromising unclaimed listings in the hotel and restaurant business. This is similar to the floral hijackings and brand name hijackings during this past year. The blackhats take control of popular restaurant and hotel listings to gain benefit of the many web citations and reviews.

Due to the benefit incurred from high citation and review listings, many of these cross industry hijacks are dominating the principal locksmith searches in major markets:

Some of these hijacked, unclaimed listings are also showing up in the high level Hotel searches like NY Hotels:

Please consider leaving a comment as your input will help me (& everyone else) better understand and learn about local.

Google Maps LBC: Claimed Business Listings Still Being Hijacked?
by Mike Blumenthal

Thanks for all the screenshots, Mike. It seems you’re not quite sure if the hijacking process is identical to that we witnessed in the florist industry. I am having trouble understanding how the process would go, swiping the restaurant UGC/citations so that they are coming up for the locksmith’s listing. How could that be done, step by step?

I do not have all the details and I could be wrong. It appears that these listings were unclaimed and either via community edits or bulk uploads enough information was changed that the blackhats could claim the record. So it appears to have been a mix of methods ( I am guessing here). They were likely done last year in the fall.

The more disturbing and perhaps damming information though is that currently claimed records in the LBC were compromised this past weekend. Google claimed to have secured these claimed records, but apparently they have not.

If I’ve said it once, I’ve said it 1,000 times: I love dumplings with my emergency locksmith needs!!!!!!! 😀

Not only is this an amazing abuse of the free information that google provides through maps….but the absurdity of it, showing only in google –its outrageous. Its enough to make me choke on a dumpling the next time a locksmith overcharges me.

Any word from Google about hijacked listings, especially “claimed” business listings?

Too bad there aren’t any legal ramifications to bring the hijackers to justice. It makes it much more difficult for small businesses by wasting their time with listings they thought were secure. What a headache for locksmiths!

The only option open to folks who have had their listings hijacked is to report them in the Google Maps Help Forums. Unfortunately, the postings are not always responded to nor fixed… unless the poster is VERY persistent.

Google is immune under the Communications Decency Act (what a twist of logic that is). In some states apparently, like CA, this activity is illegal but the resources for fighting it are very limited.

Great post. I run the operations department of a medium sized local SEO company. I want to make sure we don’t do business with any of these folks. Besides using Google, do we know the actual business names of the companies doing the hijacking?